Lucene search
+L

236 matches found

Cvelist
Cvelist
added 2 days ago35 views

CVE-2026-48487 Zeroconf: Unvalidated rdlength in record payload readers allows LAN-local cache corruption via crafted mDNS packet

Zeroconf is a pure Python implementation of multicast DNS service discovery. Prior to 0.149.16, readcharacterstring and readstring in src/zeroconf/protocol/incoming.py advanced self.offset by attacker-declared RDLENGTH without checking it against self.datalen, allowing unauthenticated hosts on th...

5.3CVSS0.00318EPSS
Exploits0References5
Rockylinux
Rockylinux
added 2026/06/11 12:3 p.m.10 views

bind security update

An update is available for bind. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Berkeley Internet Name Domain BIND is an implementation of the Domain Name...

7.5CVSS5.5AI score0.0181EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/07 4:41 a.m.10 views

SUSE CVE-2026-11225

Inappropriate implementation in WebUI in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. Chromium security severity: Low...

6.5CVSS5.5AI score0.00158EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/05 12:31 a.m.13 views

EUVD-2026-34686

Inappropriate implementation in WebUI in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. Chromium security severity: Low...

5.8AI score0.00158EPSS
Exploits0References3
NVD
NVD
added 2026/06/04 11:17 p.m.10 views

CVE-2026-11225

Inappropriate implementation in WebUI in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. Chromium security severity: Low...

6.5CVSS0.00158EPSS
Exploits0References2
OSV
OSV
added 2026/06/04 11:17 p.m.6 views

DEBIAN-CVE-2026-11225

Inappropriate implementation in WebUI in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. Chromium security severity: Low...

6.5CVSS5.5AI score0.00158EPSS
Exploits0References1
OSV
OSV
added 2026/06/04 11:17 p.m.7 views

DEBIAN-CVE-2026-11215

Inappropriate implementation in Cronet in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00158EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 11:5 p.m.6 views

CVE-2026-11227

Incorrect security UI in Tab Hover Cards in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. Chromium security severity: Low...

5.8AI score0.00158EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/06/04 11:5 p.m.10 views

CVE-2026-11225

Inappropriate implementation in WebUI in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. Chromium security severity: Low...

6.5CVSS5.5AI score0.00158EPSS
Exploits0
CVE
CVE
added 2026/06/04 11:5 p.m.31 views

CVE-2026-11215

CVE-2026-11215 concerns an insecure/incorrect Cronet implementation in Google Chrome on Android prior to version 149.0.7827.53, enabling a remote attacker to spoof a domain via a crafted domain name. The vulnerability arises in Cronet’s domain handling and is described with a Chromium security se...

6.5CVSS5.8AI score0.00158EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.25 views

PT-2026-46741

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in Cronet allows a remote attacker to perform domain spoofing by using a crafted domain name. Recommendations Update to version 149.0.7827.53 ...

9.6CVSS5.8AI score0.00493EPSS
Exploits0References434
BDU FSTEC
BDU FSTEC
added 2026/04/13 12:0 a.m.11 views

The vulnerability of the Omnibox address bar in the Google Chrome browser on iOS operating systems allows a hacker to replace the content in the URL bar.

The vulnerability of the Omnibox address bar in Google Chrome browsers on iOS operating systems is related to information representation errors in the user interface. Exploiting this vulnerability allows a malicious actor to replace the content in the URL bar using a specially created domain name...

5CVSS7.3AI score0.00158EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/04/09 12:32 a.m.2 views

EUVD-2026-20717

Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted domain name. Chromium security severity: Low...

5.9AI score0.00158EPSS
Exploits0References3
NVD
NVD
added 2026/04/08 10:16 p.m.6 views

CVE-2026-5895

Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted domain name. Chromium security severity: Low...

5.4CVSS0.00158EPSS
Exploits0References2
CVE
CVE
added 2026/04/08 9:20 p.m.15 views

CVE-2026-5895

CVE-2026-5895 describes an incorrect security UI in the Omnibox of Google Chrome on iOS before 147.0.7727.55, allowing a remote attacker to spoof the Omnibox (URL bar) via a crafted domain name. The CVE is listed with Chromium security severity: Low. Public connected sources confirm that Chrome/C...

5.4CVSS5.9AI score0.00158EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/04/08 9:20 p.m.24 views

CVE-2026-5895

Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted domain name. Chromium security severity: Low...

0.00158EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/01/15 8:28 p.m.3 views

CVE-2026-21920

An Unchecked Return Value vulnerability in the DNS module of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. If an SRX Series device configured for DNS processing, receives a specifically formatted DNS request flowd will...

8.7CVSS5.6AI score0.00438EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/17 8:8 a.m.7 views

CVE-2025-59029

A flaw was found in PowerDNS. This vulnerability allows an attacker to trigger an assertion failure via requesting crafted DNS Domain Name System records, waiting for them to be inserted into the records cache, then sending a query with qtype set to ANY. Mitigation To mitigate this issue, restric...

5.3CVSS6.3AI score0.00336EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/12/08 3:0 p.m.4 views

CVE-2025-13636

Inappropriate implementation in Split View in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted domain name. Chromium security severity: Low...

4.3CVSS6AI score0.00174EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/12/03 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-13636

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Split View in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI...

4.3CVSS6.2AI score0.00174EPSS
Exploits0References2
Rows per page
Query Builder